Cryptography and Network Security

Digital Signature (DS):  Before the advent of computer communication, handwritten signature were commonly used as a promising tool for validating proposals.  With the rise of computer communication, handwritten signature were gradually replaced by digital signatures.  Thus, the interplay between encryption and signature methods was enabled by their digitalization and the introduction of computational complexity as a basic for security.  Loosely speaking, a scheme for unforgeable signature requires that 1. each user can efficiently generate their own signature on documents of their choice,  2. each user can efficiently verify whether a given string is valid signature of another user on a specific document, and 3. no one can efficiently produce the signature of another user on documents that the users did not sign.  Message Authentication (MA): First, consider a scenario where an adversary is monitoring the channel and may alter the message sent transmitted t...

In this blog, we shed light on the need for Asymmetric Scalar Product Preserving Encryption (ASPE) , a scheme that enables retrieval of top k nearest points for a given query q. We begin with the motivation, then present the ASPE scheme, and finally demonstrate known-plaintext attack (KPA) on it. Motivation In our daily routine, we frequently interact with various online service providers such as hotel booking platforms, cab services, food delivery, and many more. But have you ever wondered how these services keep your data secure? Let’s take an example of booking an online cab (as shown in Figure 1). Suppose you open a cab-booking application and search for nearest available ride. Behind the scenes, the application stores locations of all cabs in an encrypted form so that they remain hidden from any potential adversary. When you enter your location, the app first encrypts it and then processes it against the encrypted locations of all cabs. After performing the computation securel...

Motivation: In 1978, Rivest, Adleman and Dertouzos [1] introduced the idea of performing computations directly on encrypted data without using secret key. This concept is known as homomorphic encryption. However, their first proposal supported only one type of operation, either addition or multiplication, on encrypted data. Such schemes are called partially homomorphic encryption (PHE). Later, in 1999, Paillier [2] improved this concept by designing an encryption scheme that allows both addition and multiplication on encrypted data, but only a limited number of times. This type of scheme is called somewhat homomorphic encryption (SHE). Paillier Encryption: Paillier encryption is a probabilistic asymmetric algorithm, which means it uses separate keys for encryption and decryption and also introduces randomness during encryption to ensure that the same message never encrypts to the same ciphertext. It supports important homomorphic properties that make it useful in privacy preserving app...

Encryption Alone is Not Sufficient Encryption preserves the contents of the data, but it may still leak access patterns . For example, if location x is accessed frequently, an observer can infer its importance—even if the data itself is encrypted. Student and Locker Room Analogy — An Example Imagine : A student (client) has secret notes stored in lockers (server). Each locker has a number (like a memory address). Every time the student wants to read or update a note, he walks to the corresponding locker. If someone is watching : They can see which lockers the student accesses. Even if they cannot read the notes, they can infer which notes are accessed frequently or repeatedly. To hide this : The student always visits multiple lockers, including some randomly chosen fake ones. He periodically shuffles and reorders the notes. As a result, the observer cannot tell which locker contains the real note or which accesses are genuine. This is exactly wha...

The RSA algorithm was proposed in 1978 and is named after its inventors: Rivest, Shamir, and Adleman. RSA: A Cornerstone of Cryptography In 1976, the first asymmetric key encryption algorithm, Diffie-Hellman, was proposed. However, this algorithm left open the problem of realizing a one-way function — a function that is hard to invert. The three cryptographers — Ron Rivest, Adi Shamir, and Leonard Adleman — solved the aforementioned problem. RSA algorithm This algorithm is divided into three phases, namely, key generation, encryption, and decryption.  A. Key Generation:           1. Select two large prime numbers (say p, and q).          2. Calculate n = pq.          3. Calculate Euler totient function   Φ (n) = (p-1)(q-1)          4. Choose value of e (where 1 < e <  Φ (n), and gcd( Φ (n),e)=1).          5. Calculate d such that ed = 1 m...

Elliptic Curve Cryptography (ECC) Elliptic curve (EC) was first introduced by Neal Kobiltz and Victor Miller in 1985. Elliptic curve is a non-singular curve that is operated on a finite field Zq (where q is the order of elliptic curve). EC consists of set of points that satisfies the following equation as follows.                                                                   Y 2 = X 3 + aX + b Where {X,Y,a,b} ∈ Zq, and 4a 3 + 27b 2 ≠ 0. Next, we discuss the encryption and decryption mechanism between two parties (Say α and γ ). Remark 1: Elements selected from party α is represented by capital letters whereas elements selected from party γ is represented by small letters. i) Key Generation: 1. Secret key: Each party α and γ selects secret keys S ∈ Zq and s ∈ Zq. 2. Public key: P ...

Fast Base Conversion (FBC) is a technique used to convert a number from one modulus space to another. For example, if we have 14 m o d     77 14 \mod 77  and want to convert it to x m o d     390 x \mod 390 , FBC is widely used. Mathematically, it can be represented as follows: Here, the above equation represents an integer x x  in modulus q q , and FBC converts this integer into the modulus space t t . The modulus q q  is the product of small coprime moduli (i.e., q = q 1 q 2 … q k q = q_1 q_2 \dots q_k ​ ), and x x  is an integer such that x ∈ [ 0 , q ) x \in [0, q) . We also note that q q  and t t  are coprime numbers. Here, we remark that it is not necessary for the above equation to produce the exact result for x x . Instead of x m o d     t x \mod t , it will provide x ′ m o d     t x' \mod t . Thus, the output of the above equation is as follows: FBC ( x , q , t )  =  x  +  A q  mod  t , where A ∈ [ 0 , k − 1 ] A \in [0,...

Homomorphic encryption (HE) is a process that allows computations to be performed on encrypted data without requiring the secret key. 2. The most widely used schemes are A. BFV B. BGV C. CKKS D. TFHE SIMD means single instruction multiple data. 3. Hey, can BGV/BFV perform the evaluation of trigonometric functions?. Ans: No (It's difficult) 😭  4. Hey, can  CKKS can perform the evaluation of trigonometric functions? Ans: YES 😆 5. Homomorphic multiplication is costly, as it rapidly increases noise growth. 6. In homomorphic encryption ciphertext can be defined as          C = C0 + C1.s Thus, during multiplication C*C' = (C0+C1.s)*(C0'+C1'.s) C*C' = C0C0' + [C0C1' + C0'C1].s +C1C1'.s^2 oops!!! C*C' is quadratic 😭 Introduce the concept of re-linearization here (re-linearization means converting degree 2 ciphertext into degree 1 ciphertext). Thus, C*C' = C0C0' + C.S   In another way, re-linearization is a technique that makes your process com...

Homomorphic encryption means computation over encrypted data without secret key.  How this is possible  ?? 😴 In this blog, we will explore the types of Homomorphic Encryption and demonstrate how computations can be performed on encrypted data without the secret key. In 2009, Gentry proposed Fully Homomorphic Encryption. In 2012, Brakerski proposed a leveled homomorphic encryption scheme that works over integer arithmetic, which later became known as the BFV scheme. BFV is an encryption scheme. Thus, as an encryption scheme, it is expected to be secure. To date, under certain conditions, it is assumed that the scheme is safe, and its security is based on the Learning With Errors (LWE) assumption.. Learning-with-error (LWE): Given a pair of a, b and the task is to recover secret key (s), such that b = a.s  + e  Here e is error mostly picked from gaussian distribution, and a, s are selected from Rq (known as ring module R) The above problem is HARD. The proof is not si...